-- vim: ft=terra
local util = lib.util
local secmode = lib.enum { 'public', 'private', 'lockdown', 'isolate' }
local pstring = lib.mem.ptr(int8)
local struct srv
local struct cfgcache {
secret: lib.mem.ptr(int8)
instance: lib.mem.ptr(int8)
overlord: &srv
pol_sec: secmode.t
pol_reg: bool
}
local struct srv {
sources: lib.mem.ptr(lib.store.source)
webmgr: lib.net.mg_mgr
webcon: &lib.net.mg_connection
cfg: cfgcache
id: rawstring
}
terra cfgcache:free() -- :/
self.secret:free()
self.instance:free()
end
terra srv:post_enum_author_uid(uid: uint64, r: lib.store.range): lib.mem.vec(lib.mem.ptr(lib.store.post))
var all: lib.mem.vec(lib.mem.ptr(lib.store.post)) all:init(64)
for i=0,self.sources.ct do var src = self.sources.ptr + i
if src.handle ~= nil and src.backend.timeline_instance_fetch ~= nil then
var lst = src:post_enum_author_uid(uid,r)
all:assure(all.sz + lst.ct)
for j=0, lst.ct do all:push(lst.ptr[j]) end
lst:free()
end
end
return all
end
terra srv:timeline_instance_fetch(r: lib.store.range): lib.mem.vec(lib.mem.ptr(lib.store.post))
var all: lib.mem.vec(lib.mem.ptr(lib.store.post)) all:init(64)
for i=0,self.sources.ct do var src = self.sources.ptr + i
if src.handle ~= nil and src.backend.timeline_instance_fetch ~= nil then
var lst = src:timeline_instance_fetch(r)
all:assure(all.sz + lst.ct)
for j=0, lst.ct do all:push(lst.ptr[j]) end
lst:free()
end
end
return all
end
srv.metamethods.__methodmissing = macro(function(meth, self, ...)
local primary, ptr, stat, simple, oid = 0,1,2,3,4
local tk, rt = primary
local expr = {...}
for _,f in pairs(lib.store.backend.entries) do
local fn = f.field or f[1]
local ft = f.type or f[2]
if fn == meth then
rt = ft.type.returntype
if rt == bool then tk = simple
elseif rt.type == 'integer' then tk = oid
elseif rt.stat_basetype then tk = stat
elseif rt.ptr_basetype then tk = ptr end
break
end
end
local r = symbol(rt)
local succ = label()
if tk == primary then
return quote
var [r]
for i=0,self.sources.ct do var src = self.sources.ptr + i
if src.handle ~= nil and src.backend.[meth] ~= nil then
r = src:[meth]([expr])
goto [succ]
end
end
lib.bail(['no active backends provide critical capability ' .. meth .. '!'])
::[succ]::;
in r end
else local ok, empty
if tk == ptr then
ok = `r.ptr ~= nil
empty = `[rt]{ptr=nil,ct=0}
elseif tk == stat then
ok = `r.ok == true
empty = `[rt]{ok=false,error=1}
elseif tk == simple then
ok = `r == true
empty = `false
elseif tk == oid then
ok = `r ~= 0
empty = `0
end
return quote
var [r] = empty
for i=0,self.sources.ct do var src = self.sources.ptr + i
if src.handle ~= nil and src.backend.[meth] ~= nil then
r = src:[meth]([expr])
if [ok] then break
else r = empty end
end
end
in r end
end
end)
local struct convo {
srv: &srv
con: &lib.net.mg_connection
msg: &lib.net.mg_http_message
aid: uint64 -- 0 if logged out
who: &lib.store.actor -- who we're logged in as, if aid ~= 0
peer: lib.store.inet
reqtype: lib.http.mime.t -- negotiated content type
-- cache
navbar: lib.mem.ptr(int8)
actorcache: lib.mem.cache(lib.mem.ptr(lib.store.actor),32) -- naive cache to avoid unnecessary queries
-- private
varbuf: lib.mem.ptr(int8)
vbofs: &int8
}
-- this is unfortunately necessary to work around a terra bug
-- it can't seem to handle forward-declarations of structs in C
local getpeer
do local struct strucheader {
next: &lib.net.mg_connection
mgr: &lib.net.mg_mgr
peer: lib.net.mg_addr
}
terra getpeer(con: &lib.net.mg_connection)
return [&strucheader](con).peer
end
end
terra convo:reroute_cookie(dest: rawstring, cookie: rawstring)
var hdrs = array(
lib.http.header { key = 'Content-Type', value = 'text/html; charset=UTF-8' },
lib.http.header { key = 'Location', value = dest },
lib.http.header { key = 'Set-Cookie', value = cookie }
)
var body = data.view.docskel {
instance = self.srv.cfg.instance.ptr;
title = 'rerouting';
body = 'you are being redirected';
class = 'error';
navlinks = '';
}
body:send(self.con, 303, [lib.mem.ptr(lib.http.header)] {
ptr = &hdrs[0], ct = [hdrs.type.N] - lib.trn(cookie == nil,1,0)
})
end
terra convo:reroute(dest: rawstring) self:reroute_cookie(dest,nil) end
terra convo:complain(code: uint16, title: rawstring, msg: rawstring)
var hdrs = array(lib.http.header { key = 'Content-Type', value = 'text/html; charset=UTF-8' })
var ti: lib.str.acc ti:compose('error :: ', title)
var bo: lib.str.acc bo:compose('<div class="message"><img class="icon" src="/s/warn.webp"><h1>',title,'</h1><p>',msg,'</p></div>')
var body = data.view.docskel {
instance = self.srv.cfg.instance;
title = ti:finalize();
body = bo:finalize();
class = lib.str.plit 'error';
navlinks = lib.coalesce(self.navbar, [lib.mem.ptr(int8)]{ptr='',ct=0});
}
if body.body.ptr == nil then
body.body = lib.str.plit"i'm sorry, dave. i can't let you do that"
end
body:send(self.con, code, [lib.mem.ptr(lib.http.header)] {
ptr = &hdrs[0], ct = [hdrs.type.N]
})
body.title:free()
body.body:free()
end
convo.methods.assertpow = macro(function(self, pow)
return quote
var ok = true
if self.aid == 0 or self.who.rights.powers.[pow:asvalue()]() == false then
ok = false
self:complain(403,'insufficient privileges',['you lack the <strong>'..pow:asvalue()..'</strong> power and cannot perform this action'])
end
in ok end
end)
struct convo.page {
title: pstring
body: pstring
class: pstring
}
terra convo:stdpage(pg: convo.page)
var doc = data.view.docskel {
instance = self.srv.cfg.instance;
title = pg.title;
body = pg.body;
class = pg.class;
navlinks = self.navbar;
}
var hdrs = array(
lib.http.header { 'Content-Type', 'text/html; charset=UTF-8' }
)
doc:send(self.con,200,[lib.mem.ptr(lib.http.header)] {ct = [hdrs.type.N], ptr = &hdrs[0]})
end
-- CALL ONLY ONCE PER VAR
terra convo:postv(name: rawstring)
if self.varbuf.ptr == nil then
self.varbuf = lib.mem.heapa(int8, self.msg.body.len + self.msg.query.len)
self.vbofs = self.varbuf.ptr
end
var o = lib.net.mg_http_get_var(&self.msg.body, name, self.vbofs, self.varbuf.ct - (self.vbofs - self.varbuf.ptr))
if o > 0 then
var r = self.vbofs
self.vbofs = self.vbofs + o + 1
@(self.vbofs - 1) = 0
var norm = lib.str.normalize([lib.mem.ptr(int8)]{ptr = r, ct = o})
return norm.ptr, norm.ct
else return nil, 0 end
end
terra convo:getv(name: rawstring)
if self.varbuf.ptr == nil then
self.varbuf = lib.mem.heapa(int8, self.msg.query.len + self.msg.body.len)
self.vbofs = self.varbuf.ptr
end
var o = lib.net.mg_http_get_var(&self.msg.query, name, self.vbofs, self.varbuf.ct - (self.vbofs - self.varbuf.ptr))
if o > 0 then
var r = self.vbofs
self.vbofs = self.vbofs + o + 1
@(self.vbofs - 1) = 0
var norm = lib.str.normalize([lib.mem.ptr(int8)]{ptr = r, ct = o})
return norm.ptr, norm.ct
else return nil, 0 end
end
local urimatch = macro(function(uri, ptn)
return `lib.net.mg_globmatch(ptn, [#ptn], uri.ptr, uri.ct+1)
end)
local route = {} -- these are defined in route.t, as they need access to renderers
terra route.dispatch_http :: {&convo, lib.mem.ptr(int8), lib.http.method.t} -> {}
local mimetypes = {
{'html', 'text/html'};
{'json', 'application/json'};
{'mkdown', 'text/markdown'};
{'text', 'text/plain'};
{'ansi', 'text/x-ansi'};
}
local mimevar = symbol(lib.mem.ref(int8))
local mimeneg = `lib.http.mime.none
for i, t in ipairs(mimetypes) do
local name, mime = t[1], t[2]
mimeneg = quote
var ret: lib.http.mime.t
if lib.str.ncmp(mimevar.ptr, mime, lib.math.biggest(mimevar.ct, [#mime])) == 0 then
ret = [lib.http.mime[name]]
else ret = [mimeneg] end
in ret end
end
local handle = {
http = terra(con: &lib.net.mg_connection, event: int, p: &opaque, ext: &opaque)
var server = [&srv](ext)
var mgpeer = getpeer(con)
var peer = lib.store.inet { port = mgpeer.port; }
if mgpeer.is_ip6 then peer.pv = 6 else peer.pv = 4 end
if peer.pv == 6 then
for i = 0, 16 do peer.v6[i] = mgpeer.ip6[i] end
else -- v4
@[&uint32](&peer.v4) = mgpeer.ip
end
-- the peer property is currently broken and there is precious
-- little i can do about this -- it always reports a peer v4 IP
-- of 0.0.0.0, altho the port seems to come through correctly.
-- for now i'm leaving it as is, but note that netmask restrictions
-- WILL NOT WORK until upstream gets its shit together. FIXME
-- needs to check for an X-Forwarded-For header from nginx and
-- use that instead of the peer iff peer is ::1/127.1 FIXME
-- maybe also haproxy support?
switch event do
case lib.net.MG_EV_HTTP_MSG then
lib.dbg('routing HTTP request')
var msg = [&lib.net.mg_http_message](p)
var co = convo {
con = con, srv = server, msg = msg;
aid = 0, who = nil, peer = peer;
reqtype = lib.http.mime.none;
} co.varbuf.ptr = nil
co.navbar.ptr = nil
co.actorcache.top = 0
co.actorcache.cur = 0
-- first, check for an accept header. if it's there, we need to
-- iterate over the values and pick the highest-priority one
do var acc = lib.http.findheader(msg, 'Accept')
-- TODO handle q-value
if acc.ptr ~= nil then
var [mimevar] = [lib.mem.ref(int8)] { ptr = acc.ptr }
var i = 0 while i < acc.ct do
if acc.ptr[i] == @',' or acc.ptr[i] == @';' then
mimevar.ct = (acc.ptr+i) - mimevar.ptr
var t = [mimeneg]
if t ~= lib.http.mime.none then
co.reqtype = t
goto foundtype
end
if acc.ptr[i] == @';' then -- fast-forward over q
for j=i+1,acc.ct do i=j
if acc.ptr[j] == @',' then break end
end
end
while i < acc.ct and -- fast-forward over ws
acc.ptr[i+1] == @' ' or
acc.ptr[i+1] == @'\t'
do i=i+1 end
mimevar.ptr = acc.ptr + i + 1
end
i=i+1
end
if co.reqtype == lib.http.mime.none then
mimevar.ct = acc.ct - (mimevar.ptr - acc.ptr)
co.reqtype = [mimeneg]
if co.reqtype == lib.http.mime.none then
co.reqtype = lib.http.mime.html
end
end
else co.reqtype = lib.http.mime.html end
::foundtype::end
-- we need to check if there's any cookies sent with the request,
-- and if so, whether they contain any credentials. this will be
-- used to set the auth parameters in the http conversation
var cookies_p = lib.http.findheader(msg, 'Cookie')
if cookies_p ~= nil then
var cookies = cookies_p.ptr
var key = [lib.mem.ref(int8)] {ptr = cookies, ct = 0}
var val = [lib.mem.ref(int8)] {ptr = nil, ct = 0}
var i = 0 while i < cookies_p.ct and
cookies[i] ~= 0 and
cookies[i] ~= @'\r' and
cookies[i] ~= @'\n' do -- cover all the bases
if val.ptr == nil then
if cookies[i] == @'=' then
key.ct = (cookies + i) - key.ptr
val.ptr = cookies + i + 1
end
i = i + 1
else
if cookies[i] == @';' then
val.ct = (cookies + i) - val.ptr
if lib.str.ncmp(key.ptr, lib.session.cookiename, lib.math.biggest([#lib.session.cookiename],key.ct)) == 0 then
goto foundcookie
end
i = i + 1
i = lib.str.ffw(cookies + i, cookies_p.ct - i) - cookies
key.ptr = cookies + i
val.ptr = nil
else i = i + 1 end
end
end
if val.ptr == nil then goto nocookie end
val.ct = (cookies + i) - val.ptr
if lib.str.ncmp(key.ptr, lib.session.cookiename, lib.math.biggest([#lib.session.cookiename], key.ct)) ~= 0 then
goto nocookie
end
::foundcookie:: do
var aid = lib.session.cookie_interpret(server.cfg.secret,
[lib.mem.ptr(int8)]{ptr=val.ptr,ct=val.ct},
lib.osclock.time(nil))
if aid ~= 0 then co.aid = aid end
end ::nocookie::;
end
if co.aid ~= 0 then
var sess, usr = co.srv:actor_session_fetch(co.aid, peer)
if sess.ok == false then co.aid = 0 else
co.who = usr.ptr
co.who.rights.powers = server:actor_powers_fetch(co.who.id)
end
end
var uridec = lib.mem.heapa(int8, msg.uri.len) defer uridec:free()
var urideclen = lib.net.mg_url_decode(msg.uri.ptr, msg.uri.len, uridec.ptr, uridec.ct, 1)
var uri = uridec
if urideclen == -1 then
for i = 0,msg.uri.len do
if msg.uri.ptr[i] == @'+'
then uri.ptr[i] = @' '
else uri.ptr[i] = msg.uri.ptr[i]
end
end
uri.ct = msg.uri.len
else uri.ct = urideclen end
lib.dbg('routing URI ', {uri.ptr, uri.ct})
if lib.str.ncmp('GET', msg.method.ptr, msg.method.len) == 0 then
route.dispatch_http(&co, uri, [lib.http.method.get])
elseif lib.str.ncmp('POST', msg.method.ptr, msg.method.len) == 0 then
route.dispatch_http(&co, uri, [lib.http.method.post])
elseif lib.str.ncmp('HEAD', msg.method.ptr, msg.method.len) == 0 then
route.dispatch_http(&co, uri, [lib.http.method.head])
elseif lib.str.ncmp('OPTIONS', msg.method.ptr, msg.method.len) == 0 then
route.dispatch_http(&co, uri, [lib.http.method.options])
else
co:complain(400,'unknown method','you have submitted an invalid http request')
end
if co.aid ~= 0 then lib.mem.heapf(co.who) end
if co.varbuf.ptr ~= nil then co.varbuf:free() end
if co.navbar.ptr ~= nil then co.navbar:free() end
co.actorcache:free()
end
end
end;
}
local terra cfg(s: &srv, befile: rawstring)
lib.report('configuring backends from ', befile)
var fr = lib.file.open(befile, [lib.file.mode.read])
if fr.ok == false then
lib.bail('could not open configuration file ', befile)
end
var f = fr.val
var c: lib.mem.vec(lib.store.source) c:init(8)
var text: lib.str.acc text:init(64)
do var buf: int8[64]
while true do
var ct = f:read(buf, [buf.type.N])
if ct == 0 then break end
text:push(buf, ct)
end
end
f:close()
var cur = text.buf
var segs: tuple(&int8, &int8)[3] = array(
{[&int8](0),[&int8](0)},
{[&int8](0),[&int8](0)},
{[&int8](0),[&int8](0)}
)
var segdup = [terra(s: {rawstring, rawstring})
var sz = s._1 - s._0
var str = s._0
return [lib.mem.ptr(int8)] {
ptr = lib.str.ndup(str, sz);
ct = sz;
}
end]
var fld = 0
while (cur - text.buf) < text.sz do
if segs[fld]._0 == nil then
if not (@cur == @' ' or @cur == @'\t' or @cur == @'\n') then
segs[fld] = {cur, nil}
end
else
if fld < 2 and @cur == @' ' or @cur == @'\t' then
segs[fld]._1 = cur
fld = fld + 1
segs[fld] = {nil, nil}
elseif @cur == @'\n' or cur == text.buf + (text.sz-1) then
if fld < 2 then lib.bail('incomplete backend line in ', befile) else
segs[fld]._1 = cur
var src = c:new()
src.id = segdup(segs[0])
src.string = segdup(segs[2])
src.backend = nil
for i = 0,[lib.store.backends.type.N] do
if lib.str.ncmp(segs[1]._0, lib.store.backends[i].id, segs[1]._1 - segs[1]._0) == 0 then
src.backend = &lib.store.backends[i]
break
end
end
if src.backend == nil then
lib.bail('unknown backend in ', befile)
end
src.handle = nil
fld = 0
segs[0] = {nil, nil}
end
end
end
cur = cur + 1
end
text:free()
if c.sz > 0 then
s.sources = c:crush()
else
s.sources.ptr = nil
s.sources.ct = 0
end
end
terra srv:actor_stats(uid: uint64)
var stats = lib.store.actor_stats {
posts = 0, mutuals = 0;
follows = 0, followers = 0;
}
for i=0,self.sources.ct do
var s = self.sources.ptr[i]:actor_stats(uid)
stats.posts = stats.posts + s.posts
stats.mutuals = stats.mutuals + s.mutuals
stats.followers = stats.followers + s.followers
stats.follows = stats.follows + s.follows
end
return stats
end
terra srv:actor_auth_how(ip: lib.store.inet, usn: rawstring)
var cs: lib.store.credset cs:clear()
var ok = false
for i=0,self.sources.ct do
var set, iok = self.sources(i):actor_auth_how(ip, usn)
if iok then
cs = cs + set
ok = iok
end
end
return cs, ok
end
terra srv:actor_auth_pw(ip: lib.store.inet, user: pstring, pw: pstring): uint64
for i=0,self.sources.ct do
if self.sources(i).backend ~= nil and
self.sources(i).backend.actor_auth_pw ~= nil then
var aid,uid,newhnd = self.sources(i):actor_auth_pw(ip,user,pw)
if aid ~= 0 then
if uid == 0 then
lib.dbg('new user just logged in, creating account entry')
var kbuf: uint8[lib.crypt.const.maxdersz]
var na = lib.store.actor.mk(&kbuf[0])
var newuid: uint64
if self.sources(i).backend.actor_create ~= nil then
newuid = self.sources(i):actor_create(&na)
else newuid = self:actor_create(&na) end
if self.sources(i).backend.actor_auth_register_uid ~= nil then
self.sources(i):actor_auth_register_uid(aid,newuid)
end
end
return aid
end
end
end
return 0
end
--9twh8y94i5c1qqr7hxu20fyd
terra cfgcache.methods.load :: {&cfgcache} -> {}
terra cfgcache:init(o: &srv)
self.overlord = o
self:load()
end
terra srv:setup(befile: rawstring)
cfg(self, befile)
var success = false
if self.sources.ct == 0 then lib.bail('no data sources specified') end
for i=0,self.sources.ct do var src = self.sources.ptr + i
lib.report('opening data source ', src.id.ptr, '(', src.backend.id, ')')
src.handle = src.backend.open(src)
if src.handle ~= nil then success = true end
end
if not success then
lib.bail('could not connect to any data sources!')
end
end
terra srv:start(iname: rawstring)
self:conprep(lib.store.prepmode.full)
self.cfg:init(self)
var dbbind = self:conf_get('bind')
if iname == nil then iname = lib.proc.getenv('parsav_instance') end
if iname == nil then
self.id = self.cfg.instance.ptr;
-- let this leak -- it'll be needed for the lifetime of the process anyway
else self.id = iname end
if iname ~= nil then
lib.report('parsav instance "',iname,'" starting')
end
var envbind = lib.proc.getenv('parsav_bind')
var bind: rawstring
if envbind ~= nil then
bind = envbind
elseif dbbind.ptr ~= nil then
bind = dbbind.ptr
else bind = '[::1]:10917' end
lib.report('binding to ', bind)
lib.net.mg_mgr_init(&self.webmgr)
self.webcon = lib.net.mg_http_listen(&self.webmgr, bind, handle.http, self)
if dbbind.ptr ~= nil then dbbind:free() end
end
terra srv:poll()
lib.net.mg_mgr_poll(&self.webmgr,1000)
end
terra srv:shutdown()
lib.net.mg_mgr_free(&self.webmgr)
for i=0,self.sources.ct do var src = self.sources.ptr + i
lib.report('closing data source ', src.id.ptr, '(', src.backend.id, ')')
src:close()
end
self.sources:free()
end
terra cfgcache:load()
self.instance = self.overlord:conf_get('instance-name')
self.secret = self.overlord:conf_get('server-secret')
self.pol_reg = false
var sreg = self.overlord:conf_get('policy-self-register')
if sreg.ptr ~= nil then
if lib.str.cmp(sreg.ptr, 'on') == 0
then self.pol_reg = true
else self.pol_reg = false
end
end
sreg:free()
self.pol_sec = secmode.lockdown
var smode = self.overlord:conf_get('policy-security')
if smode.ptr ~= nil then
if lib.str.cmp(smode.ptr, 'public') == 0 then
self.pol_sec = secmode.public
elseif lib.str.cmp(smode.ptr, 'private') == 0 then
self.pol_sec = secmode.private
elseif lib.str.cmp(smode.ptr, 'lockdown') == 0 then
self.pol_sec = secmode.lockdown
elseif lib.str.cmp(smode.ptr, 'isolate') == 0 then
self.pol_sec = secmode.isolate
end
end
smode:free()
end
return {
overlord = srv;
convo = convo;
route = route;
secmode = secmode;
}